EC2 (and OpenStack) uses security groups to give you the best of both worlds: shared address space so you _can_ route to other customers; but the firewall means you have to explicitly allow the traffic.
Yup EC2 security groups are great for ease of management. Group to Group communication for something like load balancers to auto scaling back-end app servers is great as you don't have to worry at all about tracking IP addresses.
